Types
The Kion Glossary
-
Action Plans
Action Plans allow conditional application of Cloud Rules across projects and organizational units using labels, enabling flexible policy enforcement based on those labels. Apply a label to an organizational unit or project and automatically apply a cloud rule to enforce an associated policy anywhere in the multicloud environment
-
Admin Audit
Admin Audit scans your AWS environment to identify over-privileged or ‘accidental admins,’ providing reports on principals with privileged access and access chains demonstrating how that access is granted to help right-size permissions and enhance security.
-
Budgets
Kion’s Budget feature allows organizations to set hierarchical budget limits, track real-time spend, and implement financial controls to prevent overspending across different projects and organizational units.
-
Cloud Access Roles (CAR)
Cloud Access Roles map users and group memberships within your identity provider to roles and permissions across your CSPs to ensure appropriate end-user access. This simplifies the granting and managing of permissions compared to doing it within each cloud provider separately and ensures least-privilege.
-
Cloud Rules
Cloud rules are a cloud-agnostic construct within Kion that orchestrates CSP native services to effect policy and guardrails across your multicloud environment. Cloud Rules combine services like AWS service control policies, Azure ARM templates, and Google Cloud IAM roles to automate the provisioning of accounts, resources, and networking configurations, manage identities, and satisfy compliance requirements to ensure governance by default across your cloud environment.
-
Compliance Engine
The Compliance Engine automates compliance by continuously monitoring your multicloud environment, detecting noncompliance, enabling automatic remediation, and providing real-time reports on your compliance posture.
-
Compliance Programs
Compliance Programs offer pre-configured compliance regimes and custom compliance checks mapped to various program controls, simplifying the process of meeting regulatory requirements and managing compliance findings.
-
Compliance Jumpstarts
One-click, preconfigured resources mapped against a given compliance regime (eg. FedRAMP, HIPAA, SOC2) to expedite bringing your multicloud environment into compliance with a given regulatory standard.
-
Cost Reporting
Cost Reporting offers centralized visibility into multicloud spending, allowing detailed insights and analytics by service, label, tags, and both amortized and non-amortized spend, across resources, accounts, and organizational units to effectively manage costs.
-
Financial Enforcement Actions
Financial Enforcement Actions automatically enforce budget constraints by restricting the use of expensive services, adjusting permissions, and implementing spend guardrails when spend thresholds or conditional limits are exceeded.
-
FOCUS Support
FOCUS Support enhances Kion’s financial operations by allowing users to import their financial data into Kion using the FinOps Open Cost & Usage Specification format, improving multicoud financial visibility and control.
-
Labels
Similar to tags, these allow you to label items within Kion for reporting and policy application, including or excluding specific data.
-
Organizational Chart (Org Chart)
Kion’s Organizational Chart (Org Chart) structures cloud resources hierarchically with no limit to its depth and breadth, allowing for centralized management of policies, budgets, and access controls across various departments and projects within a multicloud environment.
-
Organizational Units (OU)
Kion’s Organizational Unit (OU) is a container for other OUs and projects that groups cloud resources logically within the Organizational Chart, enabling targeted application of policies, budgets, and access controls for efficient multicloud management.
-
Projects
A container for one or more CSP accounts or subscriptions.